You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "David (Dave) Donnan" <da...@thalesgroup.com> on 2010/10/19 10:27:16 UTC

[users@httpd] RewriteRule .* - [E=TEMP_SMUSER:%{SSL:OID("2.5.29.17")}] # Subject Alternate Name

Server version: Apache/2.2.4 (Win32)

Hello and thanks for your much appreciated help in the past.

I'm trying a re-write rule that uses OID "2.5.29.17" - Subject Alternate 
Name.
I've tried various permutations:

    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    # RewriteRule .* - [E=TEMP_SMUSER:%{SSL:OID("2.5.29.17")}]
    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    # RewriteRule .* - [E=TEMP_SMUSER:%{OID("2.5.29.17")}]
    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    # RewriteRule .* - [E=TEMP_SMUSER:%{LA:OID("2.5.29.17")}]
    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    # RewriteRule .* - [E=TEMP_SMUSER:%{VAR:OID("2.5.29.17")}]
    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    # RewriteRule .* - [E=TEMP_SMUSER:%{LA-U:OID("2.5.29.17")}]
    # 20101019 DD Following doesn't work with result: TEMP_SMUSER="" in
    getenv.cgi
    RewriteRule .* - [E=TEMP_SMUSER:%{LA-U:OID(2.5.29.17)}]

Question 1: Is this supported ? If so, what am I doing wrong ?

OID does work with SSLRequire, for example:

    SSLRequire "email:firstname.lastname@company.org" in
    OID("2.5.29.17") # Note I need the 'email:' bit, in front of the
    email address

Question 2: Also, I've never gotten SetEnvIf to work, for example:

    SetEnvIf "LA-U:REMOTE_PORT"               "(.*)"           
    A_SETENVIF_LA_U_REMOTE_PORT=$1
    SetEnvIf ${LA-U:REMOTE_PORT}               "(.*)"           
    A_SETENVIF_LA_U_REMOTE_PORT_PERCENT=$1

    SetEnvIf "LA-F:REMOTE_PORT"               "(.*)"           
    A_SETENVIF_LA_F_REMOTE_PORT=$1
    SetEnvIf ${LA-F:REMOTE_PORT}               "(.*)"           
    A_SETENVIF_LA_F_REMOTE_PORT_PERCENT=$1

    SetEnvIf "ENV:REMOTE_PORT"               "(.*)"           
    A_SETENVIF_ENV_REMOTE_PORT=$1
    SetEnvIf ${ENV:REMOTE_PORT}               "(.*)"           
    A_SETENVIF_ENV_REMOTE_PORT_PERCENT=$1

    SetEnvIf "SSL:REMOTE_PORT"               "(.*)"           
    A_SETENVIF_SSL_REMOTE_PORT=$1
    SetEnvIf ${SSL:REMOTE_PORT}               "(.*)"           
    A_SETENVIF_SSL_REMOTE_PORT_PERCENT=$1

    SetenvIf %{OID("0.9.2342.19200300.100.1.1")} "(.*)"           
    A_SETENVIF_OIDTEST_WITH_PERCENT=3D$1
    SetenvIf OID("0.9.2342.19200300.100.1.1") "(.*)"           
    A_SETENVIF_OIDTEST=3D$1

Result:

    A_SETENVIF_ENV_REMOTE_PORT=""
    A_SETENVIF_ENV_REMOTE_PORT_PERCENT=""
    A_SETENVIF_LA_F_REMOTE_PORT=""
    A_SETENVIF_LA_F_REMOTE_PORT_PERCENT=""
    A_SETENVIF_LA_U_REMOTE_PORT=""
    A_SETENVIF_LA_U_REMOTE_PORT_PERCENT=""
    A_SETENVIF_OIDTEST="3D"
    A_SETENVIF_OIDTEST_WITH_PERCENT="3D"
    A_SETENVIF_SSL_REMOTE_PORT=""
    A_SETENVIF_SSL_REMOTE_PORT_PERCENT=""
      

Any help would be greatly appreciated, Dave
----------